The present invention relates to a system and method for preventing unauthorized copying of digital audio data or other data using a communication network.
Various known systems for preventing unauthorized copying of digital data or the like employ a scrambling-based method where a transmitting-end unit encrypts digital audio data themselves as by a scrambling process and a receiving end decrypts the encrypted data to reproduce the original digital data, and an ID-based method where either the transmitting-end unit or the receiving-end unit determines, on the basis of ID information pre-added to the header or the like of digital data, whether the copying in question is an authorized or unauthorized one.
The scrambling-based method, however, is not satisfactory in that the transmitting-end unit always has to encrypt the data themselves while the receiving-end unit always has to perform the decrypting process for reproduction, as noted earlier; namely, the transmitting-end and receiving-end units both bear considerable load because of use of the data encryption scheme. The ID-based method is also not satisfactory in that unauthorized copying cannot be effectively prevented on the basis of the ID information in cases where either the transmitting-end or receiving-end unit employs an unfair or unauthorized device to rewrite the ID information itself or the receiving-end unit employs an unfair or unauthorized device to ignore the ID information.
It is therefore an object of the present invention to provide an unauthorized copying preventing system and method which can prevent data communication with an unauthorized instrument without a need to always modify the data themselves through specific data processing such as an encrypting process.
It is another object of the present invention to provide a monitor node and transmission/reception node which can be efficiently used for such an unauthorized copying preventing system and method.
According to a first aspect of the present invention, there is provided a system for preventing unauthorized copying of data through a communication network, which comprises: one or more authorized nodes connected to the communication network, each of the authorized nodes having a normal mode for directly inputting and outputting digital data via the communication network without performing thereon specific data processing such as an encrypting process and a protected mode for preventing the digital data outputted from the authorized node from being received by an unauthorized node connected to the communication network, each of the authorized nodes normally performing a data input/output operation via the communication network in the normal mode but, when the protected mode is instructed, performing the data input/output operation via the communication network in the protected mode; and a monitor node connected to the communication network for monitoring to determine whether any unauthorized node is connected to the communication network, the monitor node instructing the authorized nodes to perform the data input/output operation in the protected mode upon detection of the unauthorized node.
Each of the authorized nodes has a normal mode and a protected mode for its data input/output operation. On a communication network constituted only by authorized nodes, each of the nodes is allowed to freely input and output (communicate) data in the normal mode. The monitor node, which is also connected to the communication network, detects when an unauthorized node is connected to the network, and then instructs each of the authorized nodes to input and output data in the protected mode. By thus communicating the data in the protected mode, unauthorized copying of the data by the unauthorized node can be effectively avoided. Because the normal mode does not require such an encrypting process although some encrypting process is employed in the protected mode, load on the system can be considerably reduced as a whole.
Preferably, the authorized nodes and monitor node are freely connectable and disconnectable to and from the communication network, and the monitor node determines whether each of the nodes connected to the communication network is an authorized node and identifies every node other than the authorized nodes as the unauthorized node. The monitor node may determine whether any unauthorized node is connected to the communication network on the basis of detection of an additional node newly connected to the communication network. Each of the authorized nodes may send a newly-connected-node-detection confirming signal to the monitor node via the communication network in response to detection of an additional node newly connected to the communication network, and in response to the newly-connected-node-detection confirming signal, the monitor node may determine whether any unauthorized node is connected to the communication network. Preferably, the monitor node determines whether any unauthorized node is connected to the communication network, when the monitor node itself is connected to the communication network. In the above-mentioned manner, the monitor node is allowed to properly detect presence of any unauthorized node.
In a preferred implementation of the present invention, the monitor node sends an encrypted secret code to the communication network and thereby receives replies from the authorized nodes that the authorized nodes are duly authorized instruments. On the basis of the replies from the authorized nodes, the monitor node determines whether any unauthorized node is connected to the communication network. By employing an encrypted secret code as a means for determining whether the node in question is authorized without being recognized by an unauthorized node, unauthorized copying can be prevented even more effectively.
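The detection pass and mode instruction described above can be modelled as follows. This is an added illustration, not code from the patent: the class and function names and the demo key are hypothetical, and a fresh random challenge answered with an HMAC-SHA256 reply stands in for the unspecified "encrypted secret code" and its reply.

```python
from __future__ import annotations
import hashlib
import hmac
import secrets

DEMO_KEY = b"constructed-demo-key"  # assumption: secret held only by authorized instruments


def proof(key: bytes, challenge: bytes, node_id: str) -> bytes:
    """Reply only a key holder can compute for this challenge and node."""
    return hmac.new(key, challenge + node_id.encode(), hashlib.sha256).digest()


class Node:
    def __init__(self, node_id: str, key: bytes | None = None):
        self.node_id = node_id
        self.key = key            # None models an instrument without the secret
        self.mode = "normal"      # normal mode: data sent without encryption

    def on_challenge(self, challenge: bytes) -> bytes | None:
        # An instrument without the secret cannot form a valid reply.
        return proof(self.key, challenge, self.node_id) if self.key else None

    def on_protect_instruction(self) -> None:
        self.mode = "protected"


class MonitorNode:
    def __init__(self, key: bytes):
        self.key = key

    def scan(self, network: list[Node]) -> list[str]:
        """Challenge every node; return ids that gave no valid reply."""
        challenge = secrets.token_bytes(16)  # fresh per scan, so old replies are useless
        unauthorized = []
        for node in network:
            reply = node.on_challenge(challenge)
            expected = proof(self.key, challenge, node.node_id)
            if reply is None or not hmac.compare_digest(reply, expected):
                unauthorized.append(node.node_id)
        if unauthorized:  # instruct every authorized node to enter protected mode
            for node in network:
                if node.node_id not in unauthorized:
                    node.on_protect_instruction()
        return unauthorized


def connect(network: list[Node], monitor: MonitorNode, new_node: Node) -> list[str]:
    """A newly connected node triggers the monitor's detection pass."""
    network.append(new_node)
    return monitor.scan(network)
```

A node that replies with the wrong secret is treated the same as one that does not reply at all, which matches the presence/absence test the text describes.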
The protected mode allows the digital data to be communicated only between the authorized nodes by inputting and outputting, via the communication network, the digital data having undergone a predetermined encrypting process. Thus, in the protected mode, digital data flowing on the communication network can be reliably protected from being read by any unauthorized node connected to the communication network. Alternatively, the protected mode may prevent the digital data from being received by the unauthorized node by inhibiting input/output of the digital data from being conducted via the communication network. If the digital data are to be exchanged between the authorized nodes, then a dedicated or private line may be used between the two.
According to another aspect of the present invention, there is provided a monitor node which is connected to a communication network with at least one of authorized and unauthorized nodes connected thereto for distinguishing between the authorized and unauthorized nodes. The monitor node comprises: an input/output device that sends the communication network a predetermined encrypted code decodable by the authorized node and receives, from the authorized node having received and decoded the encrypted code, a reply that the authorized node is duly authorized; and a detection processing device that determines, from presence/absence of the reply, whether the node connected to the communication network is an unauthorized node.
Using the encrypted code that cannot be understood or decoded by an unauthorized node, the monitor node can effectively prevent unauthorized copying. Also, by sending the encrypted code to the communication network with the unauthorized node connected thereto, it is possible to readily detect presence of the unauthorized node.
Preferably, the input/output device includes means that detects whether any additional node is newly connected to the communication network and sends the predetermined encrypted code to the communication network in accordance with a determination result provided by that means. With this arrangement, the monitor node detects presence of an unauthorized node when one of authorized and unauthorized nodes is newly connected to the communication network, and it does not have to wastefully perform the unauthorized node detecting process.
Preferably, at least one authorized node is connected to the communication network and the input/output device includes means that, via the communication network, receives, from the authorized node, a newly-connected-node-detection confirming signal indicating that an additional node is newly connected to the communication network, and wherein the input/output device sends the predetermined encrypted code to the communication network upon receipt of the newly-connected-node-detection confirming signal. This arrangement eliminates a need for the monitor node to constantly monitor the communication network so as to detect any newly-connected additional node. Further, because the newly-connected node detecting process is performed by the authorized node, processing load on the monitor node can be considerably reduced.
According to still another aspect of the present invention, there is provided a monitor node which is connected to a communication network with at least one of authorized and unauthorized nodes connected thereto for distinguishing between the authorized and unauthorized nodes. The monitor node comprises: an input/output device that, via the communication network, receives, from the authorized node, a newly-connected-node-detection confirming signal indicating that an additional node is newly connected to the communication network; and a detector device that, on the basis of the received newly-connected-node-detection confirming signal, determines whether the nodes connected to the communication network include an unauthorized node. With this arrangement, the monitor node detects presence of an unauthorized node when one of authorized and unauthorized nodes is newly connected to the communication network, and it does not have to wastefully perform the unauthorized node detecting process.
According to still another aspect of the present invention, there is provided a transmission/reception node which is connected to a communication network for transmitting and receiving digital data via the communication network. The transmission/reception node comprises: a control device that controls input/output of the digital data through the communication network in a selected one of a normal mode and a protected mode, wherein the normal mode is a mode for directly inputting and outputting the digital data via the communication network without performing thereon specific data processing such as an encrypting process and the protected mode is a mode for preventing digital data outputted from the authorized node from being received by an unauthorized node connected to the communication network; an input/output device that sends a predetermined encrypted code to the communication network and, via the communication network, receives, from another node having received and decoded the encrypted code, a reply that the other node is duly authorized; a detector device that detects, from presence/absence of the reply, whether the other node connected to the communication network is an unauthorized node; and a mode selecting device that normally instructs the control device to select the normal mode, but, when an unauthorized node is detected by the detector device, instructs the control device to select the protected mode.
Like the above-mentioned monitor node, this transmission/reception node is capable of performing the unauthorized node detecting process. Thus, any unauthorized node can be detected without providing a particular monitor node on the communication network, so that unauthorized copying can be prevented effectively. The communication network may be constituted by a plurality of such transmission/reception nodes. In this case, an effective unauthorized copying preventing system can be readily built, because each of the transmission/reception nodes has the function of performing the unauthorized node detecting process.
According to still another aspect of the present invention, there is provided a transmission/reception node connected to a communication network for transmitting and receiving digital data via the communication network. The transmission/reception node comprises: a control device that controls input/output of the digital data through the communication network in a selected one of a normal mode and a protected mode, wherein the normal mode is a mode for directly inputting and outputting the digital data via the communication network without performing thereon specific data processing such as an encrypting process and the protected mode is a mode for preventing the digital data outputted from the authorized node from being received by an unauthorized node connected to the communication network; an input device that receives, via the communication network, an instruction to execute the protected mode; and a mode selecting device that normally instructs the control device to select the normal mode, but, when the instruction to execute the protected mode is received via the communication network, instructs the control device to select the protected mode. The transmission/reception node may further comprise a device that detects that any additional node is newly connected to the communication network and sends the communication network a newly-connected-node-detection confirming signal upon detection of the additional node newly connected to the communication network. If the communication network is constituted by a plurality of such transmission/reception nodes, it is no longer necessary for the monitor node to constantly monitor the communication network so as to detect any newly-connected additional node, and hence processing load on the monitor node can be considerably reduced.
The protected mode may prevent the digital data from being received by the unauthorized node by inputting/outputting the digital data having undergone a predetermined encrypting process. Thus, in the protected mode, digital data flowing on the communication network can be reliably protected from being read by any unauthorized node connected to the communication network. Alternatively, the protected mode may prevent the digital data from being received by the unauthorized node by inhibiting input/output of the digital data from being conducted via the communication network. If the digital data are to be exchanged between the authorized nodes, then a dedicated or private line may be used between the two nodes.